[cap-talk] Domain change (IPC?) overhead (was: Re: Gnu Hurd status? Power box?)
Jonathan S. Shapiro
shap at eros-os.com
Mon Mar 24 15:41:30 EDT 2008
On Mon, 2008-03-24 at 11:54 -0700, Jed Donnelley wrote:
> On 3/24/2008 9:52 AM, Jonathan S. Shapiro wrote:
> > However: robustness implies introducing IPC, and each IPC adds overhead.
> > As applications are factored and multiple layers of IPC are introduced,
> > performance of IPC becomes critical very quickly.
>
> Isn't the above consideration where the language systems for
> POLA provide significant additional value?
Not clear. Depends on what percentage of your IPCs are doing data
motion. If you want to avoid storage denial of service issues and keep
GC local to each domain, you still have a copy boundary at the domain
boundary, and the copy cost can get large.
> I'm still a bit skeptical in this area, being reluctant to
> accept compilers/interpreters as part of my TCB...
Compilers are in your TCB either way unless you have a proof-generating
compiler. Complexity of fast dynamic translation plus language runtime
is probably less than complexity of microkernel. Optimizing dynamic
translation is another matter, but that doesn't need to be in the TCB.
shap
More information about the cap-talk
mailing list